Threat Modeling: Tampering in Depth

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Learn how tampering threats work and how to mitigate them. Explore how attackers can tamper with a variety of systems and tools, from debuggers to cloud services.

Syllabus

Introduction

Mitigate tampering threats
Four-question framework
Tampering as part of STRIDE

1. Tampering with a Process

Debuggers and input
Libraries
Mobile

2. Tampering with Storage

Tampering with local storage
Permissions
Effects of tampering

3. Tampering with Things

Whose screw? Physical tampering matters
Debug interfaces are exposed

4. Tampering with Time Itself

Time is increasingly important

5. Tampering with Cloud

Controls and authentication
Becoming Jane Admin

6. Tampering with Data Flows

Channels and messages
Replay and reflection
Headers: Injection and order

7. Integrity Defenses

Prevention and detection goals
Crypto
Something more privileged

Conclusion

Next steps

Taught by

Adam Shostack

Reviews

4.8 rating at LinkedIn Learning based on 65 ratings

Start your review of Threat Modeling: Tampering in Depth

Taught by

Threat Modeling Security Fundamentals

Performing Threat Modeling with the Microsoft Threat Modeling Methodology

Threat Modeling for Builders Workshop

Network Security

Detect threats and protect information in cloud apps using Microsoft Defender for Cloud Apps

Manage identity and access in Microsoft 365

110+ Hours of Free LinkedIn Learning Courses with Free Certification

Never Stop Learning.